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DETAILED ACTION 

i> Claims 1-27 are presented for examination. 

Claim Rejections - 3J USC § xi2 

2> The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming 
the subject matter which the applicant regards as his invention. 

3> Claim 18 is rejected under 35 U.S.C. 112, second paragraph, as being indefinite for 
failing to particularly point out and distinctly claim the subject matter which applicant 
regards as the invention, 

a. The following claim contains claim language that is unclear and not clearly 

understood: 

i. Claim 18 - line 10 - "the plurality of processors" - this term is rendered 

indefinite since the claim calls for only "at least one network processor;" 
therefore if the network has only one network processor, there is not a 
plurality, leading to a case of lack of proper antecedent basis. 



Claim Rejections - J5 USC § 102 

4> The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form 
the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in a patent granted on an application for patent by another filed in the 
United States before the invention thereof by the applicant for patent, or on an international application by 
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another who has fulfilled the requirements of paragraphs (i), (2), and (4) of section 371(c) of this title before 
the invention thereof by the applicant for patent. 

The changes made to 35 U.S.C. 102(e) by the American Inventors Protection Act of 
1999 (AIPA) and the Intellectual Property and High Technology Technical Amendments 
Act of 2002 do not apply when the reference is a U.S. patent resulting directly or indirectly 
from an international application filed before November 29, 2000, Therefore, the prior art 
date of the reference is determined under 35 U.S.C. 102(e) prior to the amendment by the 
AIPA (pre-AIPA 35 U.S.C. 102(e)). 

5> Claims i are rejected under 35 U.S.C 102(e) as being anticipated by Krishnan et al, U.S 
Patent No. 6.606.710 ["Krishnan"]. 

6> As to claim Krishnan discloses a method for determining whether to enforce a 
plurality of filter rules for a packet including a key in a computer network, each of the 
plurality of filter rules having a priority [column 5 <lines 37'4i>], the method comprising the 
steps of: 

accumulating statistics for each of the plurality of filter rules, the statistics indicating 
a frequency of enforcement for each of the plurality of filter rules [column 2 <lines 38-43>]; 
and 

placing the plurality of filter rules in an order for testing against the key, the order 
being based on the frequency of each filter rule of the plurality of filter rules [column 2 <lines 
38-6i> I column 4 <lines 4i-6i>]. 
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7> As to claim 2, Krishnan discloses the method of claim i wherein the order is from a 
higher priority filter rule of the plurality of filter rules to a lower priority filter rule of the 
plurality of filter rules [column 5 <lines 37'4i>]. 

8> As to claim 3, Krishnan discloses the method of claim iwherein the ordering step 
further includes the step of: 

providing a decision tree for testing the plurality of filter rules, the decision tree being 
configured based on the frequency of each of the plurality of filter rules and so that the 
plurality of filter rules can be tested in the order, a first portion of the plurality of filter rules 
having at least one higher priority being placed higher in the tree [column 4 <lines 4i-5o> | 
column 5 <lines 24'26> where; while Krishnan does not specifically mention "decision tree" in 
his disclosure, he does utilize the same functionality of a decision tree, where the rules are 
ordered and then applied sequentially to an incoming packet. If the first rule fails, then the 
next rule is applied, and so on]. 

9> As to claim 4, Krishnan discloses the method of claim 3 wherein the decision tree 
providing step further includes the step of: 

rebuilding the decision tree after the expiration of an interval of time [column 7 <lines 
32'33> where: Krishnan's reordering of his rule set is equivalent in functionality to the 
claimed step of rebuilding the tree]. 
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io> As to claim 5, Krishnan discloses the method of claim 4 wherein the interval of time 
is determined based on a determination of how frequently a second portion of the plurality of 
filter rules is enforced [column 7 <lines 32-44>]. 

ii> As to claim 7, Krishnan discloses the method of claim 4 wherein the interval of time 
is determined based on a previous interval of time [column 7 <lines 18-21 and 32'33>]- 

I2> As to claim 8, Krishnan discloses the method of claim 4 wherein the computer 
network further includes a network processor [Figure 2] and wherein the rebuilding step 
further includes the step of: 

placing the plurality of filter rules in the decision tree based on the priority of each of 
the plurality of filter rules and at least one performance factor of the network processor 
[column 2 <lines 46'48> | column 3 <lines I2'i6> | column 4 <lines 4i'50> I column 5 <lines 24' 
26>] . 

I3> As to claim 9, Krishnan discloses a system for determining whether to enforce a 
plurality of filter rules for a packet including a key in a computer network, each of the 
plurality of filter rules having a priority, the system comprising: 

at least one network processor for accumulating statistics for each of the plurality of 
filter rules, the statistics indicating a frequency of enforcement for each of the plurality of 
filter rules and testing a portion of the plurality of filter rules against the key in an order, the 
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order being based on the frequency of each filter rule of the portion of the plurality of filter 
rules [Figure 2 | [column 2 <lines 38--6i> | column 4 <lines 4i'6i>]; and 

at least one memory for storing the plurality of filter rules [Figure 2]. 

i4> As to claims I0'*i3 and 15-16, as they are claims to a system that performs the steps of 
the method of claims 2-5 and 7-8, they do not teach or further define over the limitations 
recited in claims 2-5 and 7-8. Therefore, claims 10-13 and 15-16 are also rejected for the same 
reasons as set forth in claims 2-5 and 7-8, supra . 

I5> As to claims 19-23 and 25-26 , as they are claims to a computer readable medium that 
performs the steps of the method of claims 1-5 and 7-8, they do not teach or further define 
over the limitations recited in claims 1-5 and 7-8. Therefore, claims 19-23 and 25-26 are also 
rejected for the same reasons as set forth in claims 1-5 and 7-8, supra . 

i6> As to claim 27, Krishnan discloses a method for determining whether to enforce a 
plurality of filter rules for a packet including a key in a computer network, each of the 
plurality of filter rules having a priority [column 5 <lines 37-4i>], the method comprising the 
steps of: 

accumulating statistics for each of the plurality of filter rules, the statistics indicating 
a frequency of enforcement for each of the plurality of filter rules [column 2 <lines 38-43>]; 
and 
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testing a portion of the plurality of filter rules against the key in an order, the order 
being based on the frequency of each filter rule of the plurality of filter rules [column 2 <lines 
38-6i> I column 4 <lines 4i'6i> where: Krishnan discloses 'sequentially applying' the rules to 
the key of the packet which is equivalent in functionality to testing the filter rules in an 
order]. 

Claim Rejections - 55 US C § 103 

ij> The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art 
are such that the subject matter as a whole would have been obvious at the time the invention was made to a 
person having ordinary skill in the art to which said subject matter pertains. Patentability shall not be 
negatived by the manner in which the invention was made. 

i8> Claims 6, 14 and 24 are rejected under 35 U.S.C 103(a) as being unpatentable over 
Krishnan in view of an Official Notice. 

I9> Krishnan does disclose the rebuilding the tree after an interval of time and that this 
interval of time can be based by certain operating parameters of the firewall, and specifically 
that rules with higher counts are swapped with rules with lower counts. So while Krishnan 
suggests that the interval between rebuilding would be diminished if lower count rules were 
located higher in the tree than higher count rules, he does not specifically disclose that the 
interval of time decreases when the first portion of the plurality of filter rules are accessed 
less frequently than a third portion of the plurality of filter rules. 
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20> However, Official Notice is taken that it is well known and expected in the art to 
implement the technique of decreasing the intervals between reordering of filter rules so that 
higher count rules can be placed first in the tree to increase the performance and efficiency of 
the packet filter. 

zi> Claim 14 is a system that performs the step of the method of claim 6. Therefore, claim 
14 is rejected for the same reasons as set forth in claim 6, supra . 

22> Claim 24 is a computer readable medium that performs the step of the method of 
claim 6. Therefore, claim 14 is rejected for the same reasons as set forth in claim 6, supra . 

23> Claim 17 is rejected under 35 U.S.C 103(a) as being unpatentable over Krishnan in 
view of Zenche Isky et al, U.S Patent No. 6.173.364 ["Zenchelsky"]. 

24> Krishnan does not disclose the use of at least one memory including a fast memory 
and wherein a first portion of the plurality of filter rules are placed in the fast memory, each 
of the first portion of the plurality of filter rules having a higher priority. 

25> Zenchelsky teaches the use of a cache wherein a portion of plurality of filter rules are 
placed in the cache, each of the portion of filter rules having a higher priority [column 4 
<lines 39-44> | column 5 <lines i-3> where: it is well known in the art that a cache is equivalent 
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to a fast memory]. Zenchelsky's caching of higher use/priority rules enables quicker, more 
efficient searching of filter rules to match with incoming packets. Therefore, it would have 
been obvious to one of ordinary skill in the art at the time the invention was made to 
implement Zenchelsky's caching technique into Krishnan's memory system for the obtained 
advantages of saving processor time and improving filter throughput [column 6 <lines 5-8>]. 

26> Claim 18 is rejected under 35 U.S.C 103(a) as being unpatentable over Krishnan, in 
view of Lakshman et al, U.S Patent No. 5.951. 651 ["Lakshman"]. 

27> Krishnan discloses switch for use in a computer network, the switch determining 
whether to enforce a plurality of filter rules for a packet including a key, each of the plurality 
of filter rules having a priority [Figure 2 | column 5 <lines 37'4i>], the switch comprising: 

at least one network processor for accumulating statistics for each of the plurality of 
filter rules, the statistics indicating a frequency of enforcement for each of the plurality of 
filter rules and testing a portion of the plurality of filter rules against the key in an order, the 
order being based on the frequency of each filter rule of the portion of the plurality of filter 
rules [Figure 2 | [column 2 <lines 38'6i> | column 4 <lines 4i-6i>]; 

at least one memory for storing the plurality of filter rules [Figure 2]. 

Krishnan does not disclose a switch fabric coupling a plurality of processors. 

28> Lakshman discloses a switch fabric coupling the plurality of processors [Figure 8a 
<items 205,25o(a...n)> | column 6 <lines 2-io>]. Lakshman's switch fabric provides the use of a 
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plurality of network processors to concurrently process incoming packets to apply filter rules, 
increasing the packet throughput through the switch. Therefore, it would have been obvious 
to one of ordinary skill in the art to implement multiple processors as detailed by Lakshman 
into Krashnin's switch to provide the aforementioned benefit of increased packet throughput 
through the network. 

Conclusion 

The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. 

U.S Patent No. 5.463.777 to Bialkowski et al [Use of binary trees to filter packets for 
forwarding - abstract, Figure 3]; 

U.S Patent No. 5.761.424 to Adams et al [Automatic filtration of packets passing 
through an apparatus with the use of a filtration table and rules - abstract]; 

U.S Patent No. 6.341. 130 to Lakshman et al [Router with prioritizing packet filter rules 
and the use of a search tree to quickly process packet rules - abstract, Figure 9a]; 

U.S Patent No. 6.772.346 to Xie et al [Firewall with filter rules and counter means to 
keep track of number of times a rule has been used]. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Dohm Chankong whose telephone number is (703)305-8864. 
The examiner can normally be reached on 8:00AM - 5;ooPM. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, John FoUansbee can be reached on (703)305-8498. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for pubhshed 
applications may be obtained from either Private PAIR or Pubhc PAIR. Status information 
for unpublished applications is available through Private PAIR only. For more information 
about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on 
access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217- 
9197 (toll-free). 
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Dung C. Dinh 
Primary Examiner 



